The ThreatQ Automated Contextualization Engine (ACE) operation utilizes the ThreatQ ACE library for parsing unstructured text for contextual intelligence such as IOCs, malware, adversaries, and tags.

The operation provides the following action:

• Parse - parses a selected object's unstructured description text for contextualization.   

The operation is compatible with the following system objects:

• Adversaries
• Assets
• Campaigns
• Events
• Files
• Incidents
• Malware
• Reports
• Custom Objects
  • Cluster
  • Compromised Account
  • Compromised Asset
  • Compromised Card
  • Hunt Mission
  • IMEI
  • Money Mule
  • Malware Analysis
  • Monitoring
  • Organization
  • Persona
  • RFI
  • Suspected Incident
  • Threat Assessment

Note:  The custom objects listed above are supported but are not required to install and run the operation.